Date: Tue, 20 Apr 1999 05:56:48 -0700 From: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca> To: Chris <freebsd@hiway1.exit109.com> Cc: The Tech-Admin Dude <geniusj@phoenix.unacom.com>, security@FreeBSD.ORG Subject: Re: poink and freebsd Message-ID: <199904201256.FAA64167@cwsys.cwsent.com> In-Reply-To: Your message of "Mon, 19 Apr 1999 13:10:08 EDT." <Pine.BSF.3.96.990419130911.20749A-100000@hiway1.exit109.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Why not send a copy to security-officer@freebsd.org. Then it can be
fixed.
Regards, Phone: (250)387-8437
Cy Schubert Fax: (250)387-5766
Open Systems Group Internet: Cy.Schubert@uumail.gov.bc.ca
ITSD Cy.Schubert@gems8.gov.bc.ca
Province of BC
"e**(i*pi)+1=0"
In message <Pine.BSF.3.96.990419130911.20749A-100000@hiway1.exit109.com>
, Chris
writes:
> jd-
>
> id rather not post the source to the list, since this is how exploits get
> distributed, and bad things occur. i sent email to the security-officer,
> and a few people to test it out with their setup.. id rather not
> distribute it any further... i hope you understand my reasoning behind it
> :/
>
> -Chris O'Hara
> Systems Administration
>
> On Mon, 19 Apr 1999, The Tech-Admin Dude wrote:
>
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Better yet, post a copy to the mailing list :-).. I have heard of it, but
> > i have not tried it nor seen the effects of it.. post the source up here..
> > Thanks
> >
> > - -JD-
> >
> > On Mon, 19 Apr 1999, Robert Watson wrote:
> >
> > > On Mon, 19 Apr 1999, Chris wrote:
> > >
> > > > im sure ya'll have heard of poink, an exploit against freebsd/openbsd
> > > > machines (these are the boxes i have tested on) it appears to work very
> > > > efficiently in killing freebsd 3.1 - freebsd 3.0 machines, against one
> of
> > > > our freebsd 2.2.5 machines, it did bring up the error messages in
> > > > /var/log/messages (arp lookups) but didnt kill the machine like the
> > > > others...
> > > >
> > > > im just wondering if there are any patches for this, and i noticed ther
> e
> > > > is no mention of it on freebsd's website....
> > >
> > > Interestingly, I haven't heard about this one, and it doesn't appear to b
> e
> > > on rootshell, etc. The only "poink" I could find reference to was an
> > > alternative ping program that doesn't require root access--I assume that
> > > means it uses udp or something to try and get a response (perhaps looking
> > > for a connection refused ICMP except on the socket?). I may just have
> > > missed it in passing, of course, given the vast quantities of email that
> > > go through around here :-).
> > >
> > > Since it doesn't appear to have been reported, send a copy of the source
> > > to security-officer@freebsd.org, and feel free to CC me a copy so I can
> > > take a look.
> > >
> > > Robert N Watson
> > >
> > > robert@fledge.watson.org http://www.watson.org/~robert/
> > > PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1
> > >
> > > Carnegie Mellon University http://www.cmu.edu/
> > > TIS Labs at Network Associates, Inc. http://www.tis.com/
> > > Safeport Network Services http://www.safeport.com/
> > >
> > >
> > >
> > > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > > with "unsubscribe freebsd-security" in the body of the message
> > >
> >
> > -----BEGIN PGP SIGNATURE-----
> > Version: PGPfreeware 5.0i for non-commercial use
> > Charset: noconv
> >
> > iQA/AwUBNxtibtGMB8VPlu8bEQJ/rgCgp469vqIP+XvUBt8E6p+eWv8kM9YAoJVE
> > JPNHwoC9dFTZuubRq8AxjIej
> > =neIQ
> > -----END PGP SIGNATURE-----
> >
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199904201256.FAA64167>